Cyber and Data Security

Are you adequately covered in the event of a Cyber attack on your business

Monday 10th of July 2017 08:00

It seems barely a week goes by without news of an organisation losing data containing personal information or suffering a cyber-attack. The WannaCry ransomware attack of 12th May 2017 targeted Microsoft Windows operating systems and infected 230,000 computers in 150 countries, other high profile attacks have targeted Yahoo and the online loan company Wonga.

The insurance market is responding and a number of insurers are offering products which will offer support to organisations who suffer a data breach or cyber-attack. So what cover is available, are you potentially at risk and are there any practical actions you can take?

Cover available

breach costs, including:

forensic investigations

legal advice

notifying customers or regulators

providing support, i.e. credit monitoring to affected customer

cyber business interruption will provide compensation for loss of income, including where this is caused by loss of reputation

privacy protection will pay to defend and settle claims made against an organisation for failing to keep customers’ personal data secure and where allowed settle civil penalties levied by regulators

media liability provides protection if an organisation inadvertently infringes someone’s copyright, for example using a picture online or inadvertently libels a third party in an email or other electronic communication

cyber extortion covers the costs of hiring a specialist risk consultancy to manage a situation or the final ransom if this is paid

Are you at risk?

If an organisation;

holds sensitive customer details such as names and addresses or banking information

is reliant on computer systems to conduct business

has a website

issubject to a payment card industry merchant services agreement

then it could be vulnerable to a data breach or loss of business services.

What can you do to help protect yourself?

Hackers are incredibly adept at exploiting vulnerabilities, but there are three things organisations can do to keep on top of ransomware attacks; firstly have good back up procedures in place, secondly keep software patching up to date and finally do regular phishing training with employees.